1. Home
  2. pfSense® Software
  3. IPsec
Log in to post
Load new posts
  • D

    IPSec tunel fails!!!

    2
    0 Votes
    2 Posts
    584 Views
    M

    @dochy
    Hey! Have you a solution for this problem? We have currently the same..."error writing to socket"

  • M

    04[NET] error writing to socket: Permission denied

    1
    0 Votes
    1 Posts
    136 Views
    No one has replied
  • U

    IPsec and multiple identical P2 subnets

    2
    0 Votes
    2 Posts
    141 Views
    V

    @unsichtbarre
    No, it's not possible to route the traffic properly if the remote networks overlap.

    You have to either change or translate one. But both of this have to be done on a remote site.
    You can ask one of them to nat it for you.

  • A

    How to portforward over ipsec vpn

    2
    0 Votes
    2 Posts
    145 Views
    V

    @arrcy said in How to portforward over ipsec vpn:

    I want incoming connections on siteA:766
    to be port forwarded to 192.168.2.100:766 over the ipsec tunnel

    Across a policy-based IPSec, this is only gonna to work if you either do masquerading on site B LAN2 with an outbound NAT rule or if you route the whole upstream traffic from B over A. The latter might not be desirable, I guess, the former has the drawback that you loose the information about the origin source IP.

    It would work without this limitations with any other kind of VPN: routed IPSec, OpenVPN, Wireguard

    preferably i also want Lan 3 and lan 1 also be able to access
    10.0.0.1 without adding extra ipsec configuration but using
    outbound NAT

    Just add a phase 2 for each subnet pair, you want to connect.
    LAN1 <> 10.0.0.0/24
    LAN3 <> 10.0.0.0/24
    Remember, that you have to add these p2 with exchanged local - remote networks.

  • maverickwsM

    iperf3 issue over IPsec (VTI mode)

    5
    0 Votes
    5 Posts
    312 Views
    maverickwsM

    @Gblenn Actually site B has minimal services, no suricate, snort pfblocker or anything else installed.
    I'm clueless.

  • T

    IPsec Tunneling

    5
    0 Votes
    5 Posts
    205 Views
    T

    @viragomann the mint firewalls on both ends are allow any any

  • rcfaR

    VTI as default gateway?

    8
    0 Votes
    8 Posts
    804 Views
    rcfaR

    @bitvoip I’d just submit a bug report in that case…
    …costs nothing and ensures it’s on the radar of the developers.

  • M

    IPSEC stopped working after a temporary ISP connectivity down. Not able to establish connection to peer

    4
    0 Votes
    4 Posts
    394 Views
    S

    @mauro-tridici I have seen a case where the ISP modem (Comcast) was apparently blocking the inbound port forwarding. Changing the pfSense to a different WAN IP let it work.

    Re upgrade:
    https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting

  • N

    IPSEC between Sophos XG and pfsense

    2
    0 Votes
    2 Posts
    567 Views
    D

    @nabberuk I know this is an old topic, but replying here for the record as I had a very similar issue where I was unable to get multiple P2s to connect.

    In the advanced settings, if you check the "Split connections" setting which is described as "Enable this to split connection entries with multiple phase 2 configurations. Required for remote endpoints that support only a single traffic selector per child SA." that seemed to get the IPsec connection working between pfSense and Sophos.

  • T

    Virtual Address Pool in Pre-Shared Keys tab nicely work with EAP-TLS

    1
    1 Votes
    1 Posts
    143 Views
    No one has replied
  • M

    24.03 Ipsec Mobile Group Pools do not assign ip

    3
    0 Votes
    3 Posts
    225 Views
    M

    @keyser Thanks a lot for the clarification. Everything is now working as expected. 🤗

  • M

    Ipsec and portforward issue , from public ip site 1 to host site 2

    4
    0 Votes
    4 Posts
    265 Views
    V

    @mvbif
    Policy-based IPSec strictly connects two networks in a phase 2. And only these two network can communicate.
    If you forward traffic from a public IP the source might be outside of these network. So the packets won't be accepted.

    Yes, there are two possibilities with policy-based IPSec. You can either source-NAT the packets. But this must be done in the IPSec phase 2 with BINAT and to an IP, which the remote site has defined as remote network in its p2. Conventional outbound NAT would not work.
    The second option is to state 0.0.0.0/0 as local network on site 1 and as remote on site 2, but this means, that all upstream traffic from 2 will be routed to 1, which might be undesired.

    With VTI, you can assign an interface to the IPSec instance at site 2, where you have to define the firewall rule for inbound from the remote site. So pfSense can apply the reply-to tags to the packets, which is necessary to route response packets back to site 1.

  • dragoangelD

    IKEv2 Site-to-Site and MultiWAN on one side

    32
    0 Votes
    32 Posts
    3k Views
    stephenw10S

    Just try to resolve it somewhere. In Diag > DNS Lookup in pfSense for example.

    If you use an IP address or something actually resolves it must match the actual address IPSec is using.

  • R

    Estrutura Azure PFSENSE com IPSEC/OPENVPN- Azure PFSENSE Framework with IPSEC/OPENVPN

    1
    0 Votes
    1 Posts
    181 Views
    No one has replied
  • P

    Problema IPSEC-SNMPTRAP

    1
    0 Votes
    1 Posts
    190 Views
    No one has replied
  • M

    Measuring performance bottlenecks with IPSec?

    4
    0 Votes
    4 Posts
    509 Views
    N

    Set the MSS for AES to 1328, if you want to avoid padding.
    Less padding allows you to move more Data over the tunnel.

  • M

    IPsec service crash randomly

    1
    0 Votes
    1 Posts
    143 Views
    No one has replied
  • D

    Routing 1 site-to-wite vpn to another

    5
    0 Votes
    5 Posts
    297 Views
    D

    Here is the log informatin I get when trying to ping from one of hte remote sites:

    Oct 4 08:53:19 charon 80307 12[KNL] <con3|370> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:19 charon 80307 12[KNL] <con3|370> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> sending DPD request
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> queueing IKE_DPD task
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> activating new tasks
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> activating IKE_DPD task
    Oct 4 08:53:19 charon 80307 12[ENC] <con3|370> generating INFORMATIONAL request 2250 [ ]
    Oct 4 08:53:19 charon 80307 12[NET] <con3|370> sending packet: from 50.169.69.234[500] to 50.169.69.203[500] (80 bytes)
    Oct 4 08:53:19 charon 80307 12[NET] <con3|370> received packet: from 50.169.69.203[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:19 charon 80307 12[ENC] <con3|370> parsed INFORMATIONAL response 2250 [ ]
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> activating new tasks
    Oct 4 08:53:19 charon 80307 12[IKE] <con3|370> nothing to initiate
    Oct 4 08:53:22 charon 80307 12[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:22 charon 80307 12[ENC] <con1|366> parsed INFORMATIONAL request 12680 [ ]
    Oct 4 08:53:22 charon 80307 12[ENC] <con1|366> generating INFORMATIONAL response 12680 [ ]
    Oct 4 08:53:22 charon 80307 12[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:22 charon 80307 12[KNL] <con2|371> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:22 charon 80307 12[KNL] <con2|371> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> sending DPD request
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> queueing IKE_DPD task
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> activating new tasks
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> activating IKE_DPD task
    Oct 4 08:53:22 charon 80307 12[ENC] <con2|371> generating INFORMATIONAL request 1086 [ ]
    Oct 4 08:53:22 charon 80307 12[NET] <con2|371> sending packet: from 50.169.69.234[500] to 50.169.69.219[500] (80 bytes)
    Oct 4 08:53:22 charon 80307 12[NET] <con2|371> received packet: from 50.169.69.219[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:22 charon 80307 12[ENC] <con2|371> parsed INFORMATIONAL response 1086 [ ]
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> activating new tasks
    Oct 4 08:53:22 charon 80307 12[IKE] <con2|371> nothing to initiate
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> sending DPD request
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> queueing IKE_DPD task
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> activating new tasks
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> activating IKE_DPD task
    Oct 4 08:53:27 charon 80307 11[ENC] <con4|372> generating INFORMATIONAL request 93 [ ]
    Oct 4 08:53:27 charon 80307 11[NET] <con4|372> sending packet: from 50.169.69.234[500] to 192.158.19.11[500] (80 bytes)
    Oct 4 08:53:27 charon 80307 11[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:27 charon 80307 11[ENC] <con1|366> parsed INFORMATIONAL request 12681 [ ]
    Oct 4 08:53:27 charon 80307 11[ENC] <con1|366> generating INFORMATIONAL response 12681 [ ]
    Oct 4 08:53:27 charon 80307 11[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:27 charon 80307 11[NET] <con4|372> received packet: from 192.158.19.11[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:27 charon 80307 11[ENC] <con4|372> parsed INFORMATIONAL response 93 [ ]
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> activating new tasks
    Oct 4 08:53:27 charon 80307 11[IKE] <con4|372> nothing to initiate
    Oct 4 08:53:29 charon 80307 11[KNL] <con3|370> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:29 charon 80307 11[KNL] <con3|370> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> sending DPD request
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> queueing IKE_DPD task
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> activating new tasks
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> activating IKE_DPD task
    Oct 4 08:53:29 charon 80307 11[ENC] <con3|370> generating INFORMATIONAL request 2251 [ ]
    Oct 4 08:53:29 charon 80307 11[NET] <con3|370> sending packet: from 50.169.69.234[500] to 50.169.69.203[500] (80 bytes)
    Oct 4 08:53:29 charon 80307 11[NET] <con3|370> received packet: from 50.169.69.203[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:29 charon 80307 11[ENC] <con3|370> parsed INFORMATIONAL response 2251 [ ]
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> activating new tasks
    Oct 4 08:53:29 charon 80307 11[IKE] <con3|370> nothing to initiate
    Oct 4 08:53:32 charon 80307 11[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:32 charon 80307 11[ENC] <con1|366> parsed INFORMATIONAL request 12682 [ ]
    Oct 4 08:53:32 charon 80307 11[ENC] <con1|366> generating INFORMATIONAL response 12682 [ ]
    Oct 4 08:53:32 charon 80307 11[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:32 charon 80307 11[KNL] <con2|371> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:32 charon 80307 11[KNL] <con2|371> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> sending DPD request
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> queueing IKE_DPD task
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> activating new tasks
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> activating IKE_DPD task
    Oct 4 08:53:32 charon 80307 11[ENC] <con2|371> generating INFORMATIONAL request 1087 [ ]
    Oct 4 08:53:32 charon 80307 11[NET] <con2|371> sending packet: from 50.169.69.234[500] to 50.169.69.219[500] (80 bytes)
    Oct 4 08:53:32 charon 80307 11[NET] <con2|371> received packet: from 50.169.69.219[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:32 charon 80307 11[ENC] <con2|371> parsed INFORMATIONAL response 1087 [ ]
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> activating new tasks
    Oct 4 08:53:32 charon 80307 11[IKE] <con2|371> nothing to initiate
    Oct 4 08:53:37 charon 80307 11[IKE] <con4|372> sending DPD request
    Oct 4 08:53:37 charon 80307 11[IKE] <con4|372> queueing IKE_DPD task
    Oct 4 08:53:37 charon 80307 11[IKE] <con4|372> activating new tasks
    Oct 4 08:53:37 charon 80307 11[IKE] <con4|372> activating IKE_DPD task
    Oct 4 08:53:37 charon 80307 11[ENC] <con4|372> generating INFORMATIONAL request 94 [ ]
    Oct 4 08:53:37 charon 80307 11[NET] <con4|372> sending packet: from 50.169.69.234[500] to 192.158.19.11[500] (80 bytes)
    Oct 4 08:53:37 charon 80307 09[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:37 charon 80307 09[ENC] <con1|366> parsed INFORMATIONAL request 12683 [ ]
    Oct 4 08:53:37 charon 80307 09[ENC] <con1|366> generating INFORMATIONAL response 12683 [ ]
    Oct 4 08:53:37 charon 80307 09[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:37 charon 80307 09[NET] <con4|372> received packet: from 192.158.19.11[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:37 charon 80307 09[ENC] <con4|372> parsed INFORMATIONAL response 94 [ ]
    Oct 4 08:53:37 charon 80307 09[IKE] <con4|372> activating new tasks
    Oct 4 08:53:37 charon 80307 09[IKE] <con4|372> nothing to initiate
    Oct 4 08:53:39 charon 80307 09[KNL] <con3|370> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:39 charon 80307 09[KNL] <con3|370> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> sending DPD request
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> queueing IKE_DPD task
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> activating new tasks
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> activating IKE_DPD task
    Oct 4 08:53:39 charon 80307 09[ENC] <con3|370> generating INFORMATIONAL request 2252 [ ]
    Oct 4 08:53:39 charon 80307 09[NET] <con3|370> sending packet: from 50.169.69.234[500] to 50.169.69.203[500] (80 bytes)
    Oct 4 08:53:39 charon 80307 09[NET] <con3|370> received packet: from 50.169.69.203[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:39 charon 80307 09[ENC] <con3|370> parsed INFORMATIONAL response 2252 [ ]
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> activating new tasks
    Oct 4 08:53:39 charon 80307 09[IKE] <con3|370> nothing to initiate
    Oct 4 08:53:42 charon 80307 09[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:42 charon 80307 09[ENC] <con1|366> parsed INFORMATIONAL request 12684 [ ]
    Oct 4 08:53:42 charon 80307 09[ENC] <con1|366> generating INFORMATIONAL response 12684 [ ]
    Oct 4 08:53:42 charon 80307 09[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:42 charon 80307 09[KNL] <con2|371> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:42 charon 80307 09[KNL] <con2|371> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> sending DPD request
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> queueing IKE_DPD task
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> activating new tasks
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> activating IKE_DPD task
    Oct 4 08:53:42 charon 80307 09[ENC] <con2|371> generating INFORMATIONAL request 1088 [ ]
    Oct 4 08:53:42 charon 80307 09[NET] <con2|371> sending packet: from 50.169.69.234[500] to 50.169.69.219[500] (80 bytes)
    Oct 4 08:53:42 charon 80307 09[NET] <con2|371> received packet: from 50.169.69.219[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:42 charon 80307 09[ENC] <con2|371> parsed INFORMATIONAL response 1088 [ ]
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> activating new tasks
    Oct 4 08:53:42 charon 80307 09[IKE] <con2|371> nothing to initiate
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> sending DPD request
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> queueing IKE_DPD task
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> activating new tasks
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> activating IKE_DPD task
    Oct 4 08:53:47 charon 80307 09[ENC] <con4|372> generating INFORMATIONAL request 95 [ ]
    Oct 4 08:53:47 charon 80307 09[NET] <con4|372> sending packet: from 50.169.69.234[500] to 192.158.19.11[500] (80 bytes)
    Oct 4 08:53:47 charon 80307 09[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:47 charon 80307 09[ENC] <con1|366> parsed INFORMATIONAL request 12685 [ ]
    Oct 4 08:53:47 charon 80307 09[ENC] <con1|366> generating INFORMATIONAL response 12685 [ ]
    Oct 4 08:53:47 charon 80307 09[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:47 charon 80307 09[NET] <con4|372> received packet: from 192.158.19.11[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:47 charon 80307 09[ENC] <con4|372> parsed INFORMATIONAL response 95 [ ]
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> activating new tasks
    Oct 4 08:53:47 charon 80307 09[IKE] <con4|372> nothing to initiate
    Oct 4 08:53:49 charon 80307 09[KNL] <con3|370> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:49 charon 80307 09[KNL] <con3|370> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:49 charon 80307 09[IKE] <con3|370> sending DPD request
    Oct 4 08:53:49 charon 80307 09[IKE] <con3|370> queueing IKE_DPD task
    Oct 4 08:53:49 charon 80307 09[IKE] <con3|370> activating new tasks
    Oct 4 08:53:49 charon 80307 09[IKE] <con3|370> activating IKE_DPD task
    Oct 4 08:53:49 charon 80307 09[ENC] <con3|370> generating INFORMATIONAL request 2253 [ ]
    Oct 4 08:53:49 charon 80307 09[NET] <con3|370> sending packet: from 50.169.69.234[500] to 50.169.69.203[500] (80 bytes)
    Oct 4 08:53:49 charon 80307 10[NET] <con3|370> received packet: from 50.169.69.203[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:49 charon 80307 10[ENC] <con3|370> parsed INFORMATIONAL response 2253 [ ]
    Oct 4 08:53:49 charon 80307 10[IKE] <con3|370> activating new tasks
    Oct 4 08:53:49 charon 80307 10[IKE] <con3|370> nothing to initiate
    Oct 4 08:53:52 charon 80307 10[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:52 charon 80307 10[ENC] <con1|366> parsed INFORMATIONAL request 12686 [ ]
    Oct 4 08:53:52 charon 80307 10[ENC] <con1|366> generating INFORMATIONAL response 12686 [ ]
    Oct 4 08:53:52 charon 80307 10[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:52 charon 80307 10[KNL] <con2|371> querying policy 0.0.0.0/0|/0 === 0.0.0.0/0|/0 in failed, not found
    Oct 4 08:53:52 charon 80307 10[KNL] <con2|371> querying policy ::/0|/0 === ::/0|/0 in failed, not found
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> sending DPD request
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> queueing IKE_DPD task
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> activating new tasks
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> activating IKE_DPD task
    Oct 4 08:53:52 charon 80307 10[ENC] <con2|371> generating INFORMATIONAL request 1089 [ ]
    Oct 4 08:53:52 charon 80307 10[NET] <con2|371> sending packet: from 50.169.69.234[500] to 50.169.69.219[500] (80 bytes)
    Oct 4 08:53:52 charon 80307 10[NET] <con2|371> received packet: from 50.169.69.219[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:52 charon 80307 10[ENC] <con2|371> parsed INFORMATIONAL response 1089 [ ]
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> activating new tasks
    Oct 4 08:53:52 charon 80307 10[IKE] <con2|371> nothing to initiate
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> sending DPD request
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> queueing IKE_DPD task
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> activating new tasks
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> activating IKE_DPD task
    Oct 4 08:53:57 charon 80307 10[ENC] <con4|372> generating INFORMATIONAL request 96 [ ]
    Oct 4 08:53:57 charon 80307 10[NET] <con4|372> sending packet: from 50.169.69.234[500] to 192.158.19.11[500] (80 bytes)
    Oct 4 08:53:57 charon 80307 10[NET] <con1|366> received packet: from 66.207.143.1[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:57 charon 80307 10[ENC] <con1|366> parsed INFORMATIONAL request 12687 [ ]
    Oct 4 08:53:57 charon 80307 10[ENC] <con1|366> generating INFORMATIONAL response 12687 [ ]
    Oct 4 08:53:57 charon 80307 10[NET] <con1|366> sending packet: from 50.169.69.234[500] to 66.207.143.1[500] (80 bytes)
    Oct 4 08:53:57 charon 80307 10[NET] <con4|372> received packet: from 192.158.19.11[500] to 50.169.69.234[500] (80 bytes)
    Oct 4 08:53:57 charon 80307 10[ENC] <con4|372> parsed INFORMATIONAL response 96 [ ]
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> activating new tasks
    Oct 4 08:53:57 charon 80307 10[IKE] <con4|372> nothing to initiate

  • A

    IPsec tunnel stops passing traffic between pfsense and sonicwall NSA 4500

    4
    0 Votes
    4 Posts
    1k Views
    A

    Yeah, once I got it configured correctly with the multiple phase 2 connections it was rock solid. Bomb-proof even.

  • P

    IPSec VPN ios client can reach local hosts but wan access shows real ip

    1
    0 Votes
    1 Posts
    115 Views
    No one has replied
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.